mirror of
https://github.com/kkapsner/CanvasBlocker
synced 2024-11-11 07:38:58 +01:00
1.9 KiB
1.9 KiB
This add-on allows users to prevent websites from using the Javascript canvas API to fingerprint them. Users can choose to block the canvas API entirely on some or all websites (which may break some websites) or just block or fake its fingerprinting-friendly readout API. More information on canvas fingerprinting can be found at http://www.browserleaks.com/canvas.
The different block modes are:
- block readout API: All websites not on the white list or black list can use the canvas API to display something on the page, but the readout API is not allowed to return values to the website.
- fake readout API: Canvas Blocker's default setting, and my favorite! All websites not on the white list or black list can use the canvas API to display something on the page, but the readout API is forced to return a new random value each time it is called.
- fake at input: on display of text the drawn pixels get modified slightly. This makes the detection of the add-on harder but is less secure. On WebGL-canvas the behaviour is identical to "fake readout API".
- ask for readout API permission: All websites not on the white list or black list can use the canvas API to display something on the page, but the user will be asked if the website should be allowed to use the readout API each time it is called.
- block everything: Ignore all lists and block the canvas API on all websites.
- allow only white list: Only websites in the white list are allowed to use the canvas API.
- ask for permission: If a website is not listed on the white list or black list, the user will be asked if the website should be allowed to use the canvas API each time it is called.
- block only black list: Block the canvas API only for websites on the black list.
- allow everything: Ignore all lists and allow the canvas API on all websites.
Please report issues and feature requests at https://github.com/kkapsner/CanvasBlocker/issues